General Data Protection Regulation (GDPR)
Offer: DIGITAL SERVICE GDPR
GDPR live – DIGITAL SERVICE AND SUPPORT FOR SOLVING SUSTAINABLE COMPLIANCE WITH EU 2016/679 PERSONAL DATA PROTECTION REGULATION (GDPR)
We have divided a process of the GDPR compliance into the following areas:
TRAINING in the area of personal data protection – adequate training at the level of senior management and staff who have permanent regular or irregular access to personal data.
- online training
- personal training
- further training in the area
DIAGNOSTICS on the GDPR security status – input diagnostics of the current state of processing the controller’s privacy via the GDPR Live digital service. The output of the input diagnostics suppose to be documents that will form the basis for analysis and assessment of the GDPR compliance.
- Strategic level – GDPR diagnostics
- Operational level – Diagnostics of the current state for processing & collection of personal data
ANALYSIS – Distribution of identified personal data of the controller according to key activities/competencies organizational units, assignment of processing purposes and relevant legal bases on which these personal data are processed, determining the extent of the impact for processing of personal data on data subjects & determining the organizational roles for the processors of personal data.
- GDPR Controller Analysis
- determining the organizational roles for the processors of personal data
DPIA (Data Protection Impact Assessment), resp. PIA (Privacy Impact Assessment) – impact assessment on data protection – represents the analysis and assessment of the risks to the rights and freedoms of the data subject and the identification of security incidents in order to fulfil the requirement of the reporting duty of the Office for Personal Data Protection.
- DPIA (Data Protection Impact Assessment)
- assessing the impact on the protection of personal data before starting to process the newly planned processing operations
REVISION of controller contracts – assessment of compliance with EU Regulation 2016/679 in the contracts.
- revision of controller contracts
- creation of an agreement on the processing of personal data by the processor
- processing of public business conditions
- credential processing of the authorized person
- processing consent to the processing of personal data
- processing of personal data processing information
RECORD EVIDENCE of processing activities.
- preparation of the Record of the processing activities of the controller/controller representative
- elaboration of the Record for all categories of processing activities of the processor / representative of the processor
- update of the document management on the GDPR agenda compliance
INFORMATION SUPPORT SOLUTION
- GDPR live – education and information portal
- InLook system® – information support of management system objectification
THE OUTPUT OF THE SOLUTION IS AS FOLLOWS:
- identifying the impact of GDPR on business process management
- assessment of organizational, personnel, technical and legal part of the controller’s readiness to ensure the GDPR requirements continuously
- GDPR compliance
* GDPR compliance – permanent & professional follow-up activity continually improved, re-evaluated & modified by the data processor.
THROUGH THE GDPR COMPLIANCE SOLUTION THE PERSONAL DATA CONTROLLER CONTINUALLY IDENTIFIES:
1. How many ? organizational units, operations & centers process personal data for the controller;
2. Who ? is responsible for handling of personal data;
3. What ? personal data is processed;
4. Where ? personal data is processed;
5. Where / To Whom ? personal data is transferred;
6. How ? personal data is secured.
GDPR Live solution – EQUEST OFFER